Edit tour
Linux
Analysis Report
gk5sduiOpM.elf
Overview
General Information
Sample name: | gk5sduiOpM.elfrenamed because original name is a hash value |
Original sample name: | dc5798b63ec910732be55e786b58736b.elf |
Analysis ID: | 1430966 |
MD5: | dc5798b63ec910732be55e786b58736b |
SHA1: | cc0c6f8bb673a14e57d54ebb423fa8422886882e |
SHA256: | 02a8a462612a1f9d3e1ac1cede877c4d271b2d0389feef64fa014a29d65af1c6 |
Tags: | 64elfmirai |
Infos: |
Detection
Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Sample deletes itself
Sample reads /proc/mounts (often used for finding a writable filesystem)
Sample tries to kill multiple processes (SIGKILL)
Detected TCP or UDP traffic on non-standard ports
Found strings indicative of a multi-platform dropper
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Sample has stripped symbol table
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match
Classification
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430966 |
Start date and time: | 2024-04-24 12:33:36 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 2s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | gk5sduiOpM.elfrenamed because original name is a hash value |
Original Sample Name: | dc5798b63ec910732be55e786b58736b.elf |
Detection: | MAL |
Classification: | mal72.spre.troj.evad.linELF@0/0@16/0 |
- Connection to analysis system has been lost, crash info: Unknown
- VT rate limit hit for: security.rebirth-network.su
Command: | /tmp/gk5sduiOpM.elf |
PID: | 5480 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- gk5sduiOpM.elf New Fork (PID: 5481, Parent: 5480)
- gk5sduiOpM.elf New Fork (PID: 5482, Parent: 5481)
- gk5sduiOpM.elf New Fork (PID: 5483, Parent: 5481)
- gk5sduiOpM.elf New Fork (PID: 5484, Parent: 5481)
- gk5sduiOpM.elf New Fork (PID: 5485, Parent: 5481)
- systemd New Fork (PID: 5486, Parent: 1)
- systemd New Fork (PID: 5503, Parent: 1)
- gdm3 New Fork (PID: 5519, Parent: 1289)
- systemd New Fork (PID: 5521, Parent: 2955)
- gvfsd-fuse New Fork (PID: 5522, Parent: 3147)
- systemd New Fork (PID: 5523, Parent: 1)
- gdm3 New Fork (PID: 5528, Parent: 1289)
- systemd New Fork (PID: 5529, Parent: 1)
- systemd New Fork (PID: 5530, Parent: 1)
- gdm3 New Fork (PID: 5531, Parent: 1289)
- systemd New Fork (PID: 5535, Parent: 1)
- systemd New Fork (PID: 5536, Parent: 1)
- systemd New Fork (PID: 5537, Parent: 1)
- systemd New Fork (PID: 5538, Parent: 1)
- systemd New Fork (PID: 5539, Parent: 1)
- systemd New Fork (PID: 5540, Parent: 1)
- systemd New Fork (PID: 5541, Parent: 1)
- systemd New Fork (PID: 5542, Parent: 1)
- systemd New Fork (PID: 5543, Parent: 1)
- systemd New Fork (PID: 5544, Parent: 1)
- systemd New Fork (PID: 5545, Parent: 1)
- systemd New Fork (PID: 5549, Parent: 2955)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
| |
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
| |
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
| |
Linux_Trojan_Mirai_564b8eda | unknown | unknown |
|
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | String: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | String containing 'busybox' found: | ||
Source: | String containing 'busybox' found: |
Source: | .symtab present: |
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior | ||
Source: | SIGKILL sent: | Jump to behavior |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | 1 File Deletion | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | 1 Service Stop |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | 1 File and Directory Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
20% | Virustotal | Browse | ||
13% | ReversingLabs | Linux.Trojan.Mirai | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
security.rebirth-network.su | 212.70.149.10 | true | false | unknown | |
siegheil.hiter.su | unknown | unknown | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false | |
212.70.149.10 | security.rebirth-network.su | Bulgaria | 208410 | INTERNET-HOSTINGBG | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
212.70.149.14 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
212.70.149.10 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
security.rebirth-network.su | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
INTERNET-HOSTINGBG | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INTERNET-HOSTINGBG | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 5.8901999949885395 |
TrID: |
|
File name: | gk5sduiOpM.elf |
File size: | 94'672 bytes |
MD5: | dc5798b63ec910732be55e786b58736b |
SHA1: | cc0c6f8bb673a14e57d54ebb423fa8422886882e |
SHA256: | 02a8a462612a1f9d3e1ac1cede877c4d271b2d0389feef64fa014a29d65af1c6 |
SHA512: | 61b9fe50a4bf3f6f7014410eb4374ac6cb98820911fad9e34c324ee02c194858d6d59fb50e449241825c181265be41cacadb8c9c53fe581fb1950ac703bab0c8 |
SSDEEP: | 1536:HQAaxtd+eDyG9voQUV+1Fb4eLaQV3u5ewdks7zSMLoEQ1It3R+yd5pwWa7DrjZt/:wAaLoCyMA+fdGiAr2+q |
TLSH: | 89933A02F5C65CFDC156E1715B5F9132EA32F92C1238BAAF1790FB621E3EE215E29640 |
File Content Preview: | .ELF..............>.......@.....@.......Po..........@.8...@.......................@.......@......^.......^........ ..............m.......ma......ma.....$................. .....Q.td....................................................P.b....=&..X........... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 64 |
Program Header Offset: | 64 |
Program Header Size: | 56 |
Number of Program Headers: | 3 |
Section Header Offset: | 94032 |
Section Header Size: | 64 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x4000e8 | 0xe8 | 0xd | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.text | PROGBITS | 0x400100 | 0x100 | 0x12662 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x412762 | 0x12762 | 0x8 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.rodata | PROGBITS | 0x412780 | 0x12780 | 0x377c | 0x0 | 0x2 | A | 0 | 0 | 32 |
.ctors | PROGBITS | 0x616de8 | 0x16de8 | 0x10 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.dtors | PROGBITS | 0x616df8 | 0x16df8 | 0x10 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.data | PROGBITS | 0x616e20 | 0x16e20 | 0xec | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x616f20 | 0x16f0c | 0x9a60 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.shstrtab | STRTAB | 0x0 | 0x16f0c | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x15efc | 0x15efc | 6.0796 | 0x5 | R E | 0x200000 | .init .text .fini .rodata | |
LOAD | 0x16de8 | 0x616de8 | 0x616de8 | 0x124 | 0x9b98 | 2.9803 | 0x6 | RW | 0x200000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x8 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:34:19.142860889 CEST | 54444 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:34:20.165544033 CEST | 54444 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:34:20.493032932 CEST | 35342 | 54444 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:34:23.945112944 CEST | 54446 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:34:24.273178101 CEST | 35342 | 54446 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:34:27.799926996 CEST | 54448 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 24, 2024 12:34:28.128458977 CEST | 35342 | 54448 | 212.70.149.14 | 192.168.2.14 |
Apr 24, 2024 12:34:30.304316998 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:34:30.632471085 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:34:30.632579088 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:34:30.632808924 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:34:30.960675001 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:34:30.960747957 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:34:31.288399935 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:34:45.636626005 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:34:45.964246035 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:34:45.967305899 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:34:45.967381001 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:35:01.299405098 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:35:01.299516916 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:36:16.013312101 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:36:16.865226030 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:36:17.193053007 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:36:17.224463940 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:36:17.224864006 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Apr 24, 2024 12:36:32.580013990 CEST | 35342 | 37468 | 212.70.149.10 | 192.168.2.14 |
Apr 24, 2024 12:36:32.580250025 CEST | 37468 | 35342 | 192.168.2.14 | 212.70.149.10 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 24, 2024 12:34:17.962363958 CEST | 60965 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 24, 2024 12:34:18.453320980 CEST | 53 | 60965 | 134.195.4.2 | 192.168.2.14 |
Apr 24, 2024 12:34:18.453550100 CEST | 60423 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 24, 2024 12:34:18.626054049 CEST | 53 | 60423 | 134.195.4.2 | 192.168.2.14 |
Apr 24, 2024 12:34:18.626176119 CEST | 34381 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 24, 2024 12:34:18.798242092 CEST | 53 | 34381 | 134.195.4.2 | 192.168.2.14 |
Apr 24, 2024 12:34:18.798382044 CEST | 39978 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 24, 2024 12:34:18.970452070 CEST | 53 | 39978 | 134.195.4.2 | 192.168.2.14 |
Apr 24, 2024 12:34:18.970577955 CEST | 37764 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 24, 2024 12:34:19.142726898 CEST | 53 | 37764 | 134.195.4.2 | 192.168.2.14 |
Apr 24, 2024 12:34:22.493294001 CEST | 36152 | 53 | 192.168.2.14 | 51.158.108.203 |
Apr 24, 2024 12:34:22.783766985 CEST | 53 | 36152 | 51.158.108.203 | 192.168.2.14 |
Apr 24, 2024 12:34:22.783962965 CEST | 40314 | 53 | 192.168.2.14 | 51.158.108.203 |
Apr 24, 2024 12:34:23.073918104 CEST | 53 | 40314 | 51.158.108.203 | 192.168.2.14 |
Apr 24, 2024 12:34:23.074249029 CEST | 59975 | 53 | 192.168.2.14 | 51.158.108.203 |
Apr 24, 2024 12:34:23.364192009 CEST | 53 | 59975 | 51.158.108.203 | 192.168.2.14 |
Apr 24, 2024 12:34:23.364377022 CEST | 55124 | 53 | 192.168.2.14 | 51.158.108.203 |
Apr 24, 2024 12:34:23.654545069 CEST | 53 | 55124 | 51.158.108.203 | 192.168.2.14 |
Apr 24, 2024 12:34:23.654663086 CEST | 55334 | 53 | 192.168.2.14 | 51.158.108.203 |
Apr 24, 2024 12:34:23.944988012 CEST | 53 | 55334 | 51.158.108.203 | 192.168.2.14 |
Apr 24, 2024 12:34:26.273426056 CEST | 52952 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 24, 2024 12:34:26.582357883 CEST | 53 | 52952 | 51.254.162.59 | 192.168.2.14 |
Apr 24, 2024 12:34:26.582511902 CEST | 53352 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 24, 2024 12:34:26.889930964 CEST | 53 | 53352 | 51.254.162.59 | 192.168.2.14 |
Apr 24, 2024 12:34:26.890079975 CEST | 53176 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 24, 2024 12:34:27.194200039 CEST | 53 | 53176 | 51.254.162.59 | 192.168.2.14 |
Apr 24, 2024 12:34:27.194602966 CEST | 34706 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 24, 2024 12:34:27.497417927 CEST | 53 | 34706 | 51.254.162.59 | 192.168.2.14 |
Apr 24, 2024 12:34:27.497597933 CEST | 52540 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 24, 2024 12:34:27.799767017 CEST | 53 | 52540 | 51.254.162.59 | 192.168.2.14 |
Apr 24, 2024 12:34:30.128855944 CEST | 43321 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 24, 2024 12:34:30.304094076 CEST | 53 | 43321 | 8.8.4.4 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Apr 24, 2024 12:34:27.564948082 CEST | 192.168.2.14 | 192.168.2.1 | 827a | (Port unreachable) | Destination Unreachable |
Apr 24, 2024 12:35:47.586848021 CEST | 192.168.2.14 | 192.168.2.1 | 827a | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:34:17.962363958 CEST | 192.168.2.14 | 134.195.4.2 | 0x13ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.453550100 CEST | 192.168.2.14 | 134.195.4.2 | 0x13ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.626176119 CEST | 192.168.2.14 | 134.195.4.2 | 0x13ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.798382044 CEST | 192.168.2.14 | 134.195.4.2 | 0x13ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.970577955 CEST | 192.168.2.14 | 134.195.4.2 | 0x13ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:22.493294001 CEST | 192.168.2.14 | 51.158.108.203 | 0x9e29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:22.783962965 CEST | 192.168.2.14 | 51.158.108.203 | 0x9e29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.074249029 CEST | 192.168.2.14 | 51.158.108.203 | 0x9e29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.364377022 CEST | 192.168.2.14 | 51.158.108.203 | 0x9e29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.654663086 CEST | 192.168.2.14 | 51.158.108.203 | 0x9e29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:26.273426056 CEST | 192.168.2.14 | 51.254.162.59 | 0x566a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:26.582511902 CEST | 192.168.2.14 | 51.254.162.59 | 0x566a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:26.890079975 CEST | 192.168.2.14 | 51.254.162.59 | 0x566a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:27.194602966 CEST | 192.168.2.14 | 51.254.162.59 | 0x566a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:27.497597933 CEST | 192.168.2.14 | 51.254.162.59 | 0x566a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:30.128855944 CEST | 192.168.2.14 | 8.8.4.4 | 0xa480 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 24, 2024 12:34:18.453320980 CEST | 134.195.4.2 | 192.168.2.14 | 0x13ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.626054049 CEST | 134.195.4.2 | 192.168.2.14 | 0x13ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.798242092 CEST | 134.195.4.2 | 192.168.2.14 | 0x13ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:18.970452070 CEST | 134.195.4.2 | 192.168.2.14 | 0x13ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:19.142726898 CEST | 134.195.4.2 | 192.168.2.14 | 0x13ff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:22.783766985 CEST | 51.158.108.203 | 192.168.2.14 | 0x9e29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.073918104 CEST | 51.158.108.203 | 192.168.2.14 | 0x9e29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.364192009 CEST | 51.158.108.203 | 192.168.2.14 | 0x9e29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.654545069 CEST | 51.158.108.203 | 192.168.2.14 | 0x9e29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:23.944988012 CEST | 51.158.108.203 | 192.168.2.14 | 0x9e29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 24, 2024 12:34:30.304094076 CEST | 8.8.4.4 | 192.168.2.14 | 0xa480 | No error (0) | 212.70.149.10 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | /tmp/gk5sduiOpM.elf |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | - |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | - |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | - |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | - |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /tmp/gk5sduiOpM.elf |
Arguments: | - |
File size: | 94672 bytes |
MD5 hash: | dc5798b63ec910732be55e786b58736b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/journalctl |
Arguments: | /usr/bin/journalctl --smart-relinquish-var |
File size: | 80120 bytes |
MD5 hash: | bf3a987344f3bacafc44efd882abda8b |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/pulseaudio |
Arguments: | /usr/bin/pulseaudio --daemonize=no --log-target=journal |
File size: | 100832 bytes |
MD5 hash: | 0c3b4c789d8ffb12b25507f27e14c186 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/libexec/gvfsd-fuse |
Arguments: | - |
File size: | 47632 bytes |
MD5 hash: | d18fbf1cbf8eb57b17fac48b7b4be933 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /bin/fusermount |
Arguments: | fusermount -u -q -z -- /run/user/1000/gvfs |
File size: | 39144 bytes |
MD5 hash: | 576a1b135c82bdcbc97a91acea900566 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:17 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/gdm3 |
Arguments: | - |
File size: | 453296 bytes |
MD5 hash: | 2492e2d8d34f9377e3e530a61a15674f |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /etc/gdm3/PrimeOff/Default |
Arguments: | /etc/gdm3/PrimeOff/Default |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /lib/systemd/systemd-journald |
Arguments: | /lib/systemd/systemd-journald |
File size: | 162032 bytes |
MD5 hash: | 474667ece6cecb5e04c6eb897a1d0d9e |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:18 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:34:19 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/sbin/rsyslogd |
Arguments: | /usr/sbin/rsyslogd -n -iNONE |
File size: | 727248 bytes |
MD5 hash: | 0b8087fc907c42eb3c81a691db258e33 |
Start time (UTC): | 10:35:47 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/lib/systemd/systemd |
Arguments: | - |
File size: | 1620224 bytes |
MD5 hash: | 9b2bec7092a40488108543f9334aab75 |
Start time (UTC): | 10:35:47 |
Start date (UTC): | 24/04/2024 |
Path: | /usr/bin/dbus-daemon |
Arguments: | /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only |
File size: | 249032 bytes |
MD5 hash: | 3089d47e3f3ab84cd81c48fd406d7a8c |